Vulnerabilities > Permission Issues
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-12-11 | CVE-2017-11463 | Permission Issues vulnerability in Ivanti Endpoint Manager 2016.4/2017.1/2017.3 In Ivanti Service Desk (formerly LANDESK Management Suite) versions between 2016.3 and 2017.3, an Unrestricted Direct Object Reference leads to referencing/updating objects belonging to other users. | 6.5 |
| 2017-11-22 | CVE-2017-8153 | Permission Issues vulnerability in Huawei Vmall Huawei VMall (for Android) with the versions before 1.5.8.5 have a privilege elevation vulnerability due to improper design. | 5.8 |
| 2017-11-22 | CVE-2017-2694 | Permission Issues vulnerability in Huawei Vmall The AlarmService component in HwVmall with software earlier than 1.5.2.0 versions has no control over calling permissions, allowing any third party to call. | 4.3 |
| 2017-10-23 | CVE-2017-7145 | Permission Issues vulnerability in Apple Iphone OS An issue was discovered in certain Apple products. | 5.0 |
| 2017-10-23 | CVE-2017-7144 | Permission Issues vulnerability in Apple Iphone OS and Safari An issue was discovered in certain Apple products. | 4.3 |
| 2017-10-23 | CVE-2017-7088 | Permission Issues vulnerability in Apple Iphone OS An issue was discovered in certain Apple products. | 7.1 |
| 2017-10-13 | CVE-2016-4924 | Permission Issues vulnerability in Juniper Junos 14.1/15.1 An incorrect permissions vulnerability in Juniper Networks Junos OS on vMX may allow local unprivileged users on a host system read access to vMX or vPFE images and obtain sensitive information contained in them such as private cryptographic keys. | 1.7 |
| 2017-10-10 | CVE-2015-7842 | Permission Issues vulnerability in Huawei products Huawei FusionServer rack servers RH2288 V3 with software before V100R003C00SPC603, RH2288H V3 with software before V100R003C00SPC503, XH628 V3 with software before V100R003C00SPC602, RH1288 V3 with software before V100R003C00SPC602, RH2288A V2 with software before V100R002C00SPC701, RH1288A V2 with software before V100R002C00SPC502, RH8100 V3 with software before V100R003C00SPC110, CH222 V3 with software before V100R001C00SPC161, CH220 V3 with software before V100R001C00SPC161, and CH121 V3 with software before V100R001C00SPC161 allow remote authenticated operators to change server information by leveraging failure to verify user permissions. | 5.5 |
| 2017-08-28 | CVE-2015-8300 | Permission Issues vulnerability in Polycom Btoe Connector Polycom BToE Connector before 3.0.0 uses weak permissions (Everyone: Full Control) for "Program Files (x86)\polycom\polycom btoe connector\plcmbtoesrv.exe," which allows local users to gain privileges via a Trojan horse file. | 7.2 |
| 2017-08-18 | CVE-2015-5153 | Permission Issues vulnerability in Pulp Project Pulp Pulp does not remove permissions for named objects upon deletion, which allows authenticated users to gain the privileges of a deleted object via creating an object with the same name. | 6.5 |